InformationTechnologySummaryReportandRecommendations
2013
Eric Denna, Chief Information Officer
2/18/2013
Information Technology Summary Report and Recommendations 2013
Contents Executive Summary of Recommendations ................................................................................................... 1
Theme 1: Establish New IT Governance ....................................................................................................... 3
Theme 2: Establish a Sustainable IT Cost and Funding Model ..................................................................... 3
Theme 3: Create a Clear Strategy for Instructional Technologies ............................................................... 4
Theme 4: Create a Clear Direction for Research Computing ....................................................................... 5
Theme 5: Establish a Catalog of IT Services and Timely Provision of Services, Clarifying Roles of Individual Organizations and Central IT ........................................................................................ 5
Theme 6: Modernize Administrative Systems to Improve Administrative Work and Decisions ................. 6
Theme 7: Position Campus Network Infrastructure for the Future ............................................................. 7
Theme 8: Establish Balance between Strong IT Security and Increased Access to Information and Services ......................................................................................................................................... 8
Theme 9: Improve Campus IT Communication and Collaboration Services .............................................. 10
Conclusion………………………… ....................................................................................................................... 10
Acknowledgements ..................................................................................................................................... 10
Appendix A ‐ Background ............................................................................................................................ 11
Appendix B ‐ Interviewees .......................................................................................................................... 14
Appendix C ‐ Committee Charters .............................................................................................................. 16
Information Technology Summary Report and Recommendations 2013
1
ExecutiveSummaryofRecommendationsInformation technology exists to support the mission of the university as defined by university
leadership. Investments in information technology are driven principally by the desire to improve the
way work is done; to improve decision making; to adhere to various laws, regulations, and policies; and
to help the organization manage its risks. The recommendations in this document serve as the
foundation for strategically investing in IT resources and to facilitate the work of a new IT governance
structure for the University of Utah. This effort was initiated by Interim President Lorris Betz in 2011
when he established a subcommittee of the President’s Cabinet to make recommendations regarding
information technology governance at the University of Utah. When David Pershing was named as the
15th university president, he requested that Dr. Betz continue this effort during the transition period
that followed.
IT governance recommendations were developed and presented to the President’s Cabinet, and later to
the Council of Academic Deans. Both bodies charged Eric Denna, Chief Information Officer, with the
responsibility to build on the recommendations and continue to develop IT governance concepts, vision,
principles, and organizational structures.
Nine major IT themes were identified after interviewing over 50 leaders and influencers across campus
regarding IT opportunities for improvement:
Theme 1: Establish New IT Governance
The university community depends on IT services to conduct research, improve teaching/learning,
do community service, and provide administrative support. Making appropriate investments in IT
requires effective decision making on the part of university leadership. The university will develop
and implement a governance process that provides strategic leadership and oversight of IT
resources across the university, establishes university‐wide IT priorities, and produces accountability
and transparency.
Theme 2: Establish a Sustainable IT Cost and Funding Model
University leaders need maximum value from each dollar spent on IT. The university will establish a
transparent, trusted, and sustainable costing, pricing, and funding model that accounts for the total
cost to develop, provide, and maintain local and central IT services across the university and
provides a sustainable economic model for IT services. This is a task that will require the
involvement of all IT governance bodies.
Theme 3: Create a Clear Strategy for Instructional Technologies
Faculty and students need access to appropriate IT services to facilitate and improve the range of
teaching and learning modalities. The university will establish the desired teaching and learning
technology services, costs of teaching and learning technology services, and the appropriate funding
model for such services.
Theme 4: Create a Clear Direction for Research Computing
Researchers need powerful and reliable IT services to create, manipulate, share, analyze, and store
data. The university will establish the desired research technology services, costs of research
Information Technology Summary Report and Recommendations 2013
2
technology services, and the appropriate funding model for such services. The viability of private
and public “cloud” research computing products and services will be analyzed.
Theme 5: Establish a Catalog of IT Services and Timely Service Provisioning, Clarifying Roles of
Individual Organizations and Central IT
There is confusion on campus regarding the types of IT services that are needed, who is responsible
for providing the services, and how such services will be funded. There is no consistent or
documented management process for provisioning and de‐provisioning IT services. The university
will establish a catalog of IT services, define how best to provide the services, and clarify the roles of
individual organizations and central IT in providing such services. The university will provide many of
these services through automated workflows that require little or no manual intervention.
Theme 6: Modernize Administrative Systems to Improve Administrative Work and Decisions
The university must cost‐effectively deliver student, financial, facilities, auxiliary, human resources,
and other support services and data to campus organizations. The university will identify funding
models for developing and sustaining critical business applications while reducing the cost of
maintenance; partner with campus organizations to identify key services in need of process
improvement; develop a comprehensive data warehouse and data analysis tools to support decision
making; and position the university to consider implementing community‐sourced administrative
computing systems.
Theme 7: Position Campus Network Infrastructure for the Future
Employees and students need a stable and secure network to communicate electronically with other
people, organizations, systems, and services. Using best standards and practices to improve wired
and wireless infrastructure (including emergency communications), the university will move toward
a unified campus network through cooperative agreements with campus organizations.
Theme 8: Establish the Proper Balance between Strong IT Security and Increased Access to
Information and Services
The university community expects sensitive data to be transmitted and stored securely and accessed
only by those authorized to do so. Simultaneously, leadership’s demand for organizational data is
increasing. This is becoming more and more challenging in an increasingly risky technical global
environment. The university will enhance its IT security plan, policies, processes, and services to
ensure that sensitive data is protected, while providing appropriate access to those who require
data access to make informed decisions and perform the responsibilities of their work.
Theme 9: Improve Campus IT Communication and Collaboration Service
Communicating and collaborating through voice, video, and data are fundamental to accomplishing
the work of the university by individuals and organizations. The university will establish a vision for
unified communication and collaboration services, identify the desired services to achieve the
vision, and develop a plan for implementing the services (including the necessary funding strategy)
to improve our ability to communicate and collaborate in a cost‐effective way.
Information Technology Summary Report and Recommendations 2013
3
Theme1:EstablishNewITGovernanceWho are the stakeholders and what do they need to do?
The principal stakeholder for this theme is the leadership of the university, which has responsibility to make sure the IT resources of the university are properly governed. The university community depends on IT services to do its work. Making appropriate investments in IT requires effective decision making on the part of university leadership.
Recommendation Summary
Develop and implement a process that provides strategic leadership and fiduciary responsibility,
establishes campus‐wide IT priorities, and produces accountability and transparency.
Organize investment portfolio committees to empower the strategic, operational and technical
decision‐making required to ensure that IT enables the university to excel in its mission and
accomplish the priorities, goals, and initiatives set forth by university leadership.
Ensure that information security and privacy concerns are addressed throughout the
governance process.
Provide an annual report to the university regarding progress in addressing the IT themes.
Key Benefits to Campus
Makes IT decision making transparent.
Establishes small, focused committees charged with specific roles, responsibilities, decision
authority, and accountability for IT investments.
Establishes a “big picture” fiduciary outlook for IT investments.
Allocates IT resources and sets IT investment priorities that align with university goals and
objectives.
Aligns IT plans with other strategic plans of the university.
Brings campus and college/departmental IT plans together into a single coherent campus wide
IT strategy.
Engenders communication, collaboration and trust by representing the diverse interests of
campus colleges and administrative organizations.
Theme2:EstablishaSustainableITCostandFundingModelWho are the stakeholders and what do they need to do?
University leaders need maximum value from each dollar spent on IT services.
Recommendation Summary
Establish a transparent, trusted, and sustainable funding and pricing model that accounts for the
total cost to develop, provide, and maintain IT infrastructure and services.
Assess the viability of all sources of revenue. Identify and mitigate risks associated with revenue
sources.
Information Technology Summary Report and Recommendations 2013
4
Ensure that adequate one‐time and ongoing funding sources are identified and available to
ensure that the capability, availability, and reliability of campus IT services meet the needs of
the campus community.
Key Benefits to Campus
Establishes a culture of financial transparency and accountability.
Establishes confidence and trust in prices charged for services that are provided on a billed,
cost‐recovery basis.
Reduces confusion by clearly identifying services that are funded centrally or through college
and department assessments.
Provides a foundation upon which the value of IT investments may be judged.
Identifies funding mechanisms to sustain continuous improvement and ongoing effectiveness of
campus information technology.
Ensures that student computing fees directly serve student needs.
Theme3:CreateaClearStrategyforInstructionalTechnologiesWho are the stakeholders and what do they need to do?
Faculty and students need access to appropriate IT services to improve teaching and learning outcomes.
Recommendation Summary
Identify the most significant technology barriers to online and hybrid course teaching.
Identify core teaching and learning systems and ensure appropriate funding.
Determine how campus learning spaces need to be adapted to support changing teaching
models. Invest in and prioritize the installation of learning space technology and equipment.
Provide learning resources that allow faculty and students to store and share information.
Support learning outcomes assessment and post‐graduate success by enabling students to
develop an electronic portfolio of their academic experiences.
Determine the type and source of data that are needed to support curriculum mapping,
accreditation and learning outcomes assessment.
Key Benefits to Campus
Standardizes and improves ease of adoption of instructional technologies.
Improves collaboration between students and faculty members.
Ensures that classroom and lab instructional technologies complement the teaching experience.
Supports student success by establishing a permanent record of student experiences that will
follow students throughout their academic careers and after graduation.
Provides data to improve instruction and student success rates. Improves success rates for
gateway courses.
Information Technology Summary Report and Recommendations 2013
5
Theme4:CreateaClearDirectionforResearchComputingWho are the stakeholders and what do they need to do?
Researchers need powerful and reliable IT services to create, manipulate, share, analyze, and store data.
Recommendation Summary
Collaborate with university libraries to establish processes and systems for research data
management.
Identify an appropriate and sustainable funding model to support IT services for non‐high
performance research and creative scholarship computing.
Identify an appropriate and sustainable funding model to ensure that high performance
computing resources meet the growing and changing demands of researchers.
Evaluate the viability of private and public “cloud” research computing resources.
Locate high performance computing resources in “hardened” facilities to ensure reliability and
availability.
Key Benefits to Campus
Provides the means to store and manage vast amounts of research data.
Provides IT services support to non‐HPC researchers who have unmet research IT needs.
Ensures that computer systems and facilities meet the demands of research grants and
contracts.
Improves the return on research overhead funds.
Provides an operationally modern computing environment that is robust and reliable.
Theme5:EstablishaCatalogofITServicesandTimelyProvisionofServices,ClarifyingRolesofIndividualOrganizationsandCentralIT
Who are the stakeholders and what do they need to do?
There is confusion on campus regarding the types of IT services that are needed, who is responsible for
providing the services, and how such services will be funded. There is no consistent or documented
management process for provisioning and de‐provisioning services. Information security is at greater
risk because the university does not maintain a current central inventory of data, user access, and
assets. Documentation is inconsistent and siloed throughout the organization. Failure to identify,
authorize, and assign ownership of critical assets decreases the ability to efficiently and effectively
secure data and respond to information security breaches.
Recommendation Summary
Establish systems, work flow processes, authentication, and service authorization infrastructure
to automate the timely provision and removal of services.
Information Technology Summary Report and Recommendations 2013
6
Establish a catalog of IT services, define how best to provide the services, and clarify the roles of
individual organizations and central IT in providing such services.
The university will provide many of these services through automated workflows that require
little or no manual intervention.
Key Benefits to Campus
Improves access to quality services to end‐users and campus organizations based on the end‐
user’s unique role(s) and the access requirements of the organization.
Provides a clear electronic means of ordering and discontinuing IT and other campus services.
Establishes infrastructure to enable electronic processes and paper reduction.
Improves efficiency of service‐providing organizations and allows scarce resources to be
repurposed where needed.
Improves security by limiting unauthorized access to resources and sensitive services and
information.
Theme6:ModernizeAdministrativeSystemstoImproveAdministrativeWorkandDecisions
Who are the stakeholders and what do they need to do?
The university must cost‐effectively deliver student, financial, facilities, auxiliary, human resources, and
other support services and data to campus organizations.
Recommendation Summary
Identify funding models and systems to develop and sustain critical business applications while
reducing the cost of application maintenance.
Modernize administrative services through the implementation of electronic work flow and
approval processes.
Position the university to consider new, group‐sourced developments in administrative
computing for higher education.
Require business process analysis prior to implementing major new administrative systems or
changing existing major administrative systems.
Propose changes in campus policies and procedures that inhibit electronic approvals and
automated work flows.
Enable decision makers to access well‐defined financial, human resources, and student data
through the development of a comprehensive data warehouse and the implementation of data
analysis tools.
Provide mobile access to administrative services and data where appropriate.
Key Benefits to Campus
Improves the readiness of new students by establishing holistic admissions processes as
envisioned by President Pershing.
Information Technology Summary Report and Recommendations 2013
7
Improves graduation rates by providing timely feedback regarding student progress to college
and department leaders.
Provides timely data necessary to support accreditation processes.
Enables research by exposing sponsored research opportunities and improving the efficiency of
the grant application process. Decreases time and effort required to administer grants and
contracts by delivering timely financial reports and data.
Improves campus efficiency by replacing manual, paper‐based processes with automated work
flows.
Enables fact‐based decision making at all levels of university leadership.
Theme7:PositionCampusNetworkInfrastructurefortheFutureWho are the stakeholders and what do they need to do?
Employees and students need a stable and secure network to communicate electronically with other people, organizations, systems, and services. Using best standards and practices to improve wired and wireless infrastructure, the university will move toward a unified campus network through cooperative agreements with campus organizations. Information security is at greater risk because network vulnerability management has been informal and accountability for failure to comply with policy has not been enforced. The network is vulnerable to common attacks aimed at disrupting the availability of the network (Denial of Service). Many servers and network devices are not set up to send log files to a central repository. The current network architecture is not adequately segmented to enforce basic network security precautions. Documentation of the network infrastructure is inconsistent and incomplete. In 1999 and again in 2011, external security assessments identified the decentralized network architecture and management as a significant security risk. In 2011 a University of Utah Hospitals and Clinics HIPAA compliance assessment came to the same conclusion.
Recommendation Summary
Prepare the campus wired and wireless network infrastructure to provide the secure bandwidth
capacity needed to sustain research, teaching/learning, administrative, social, and health
services computing and communication.
Implement network “security zones” to limit access to critical and sensitive information to those
with the need to know.
Move toward a single campus network through technology standards, best practices, and
cooperative agreements with campus colleges and departments.
Key Benefits to Campus
Positions the university to enhance efficiency using new technologies including high quality, high
definition IP voice, video and data.
Establishes network security zones to ensure that only authorized individuals are accessing the
sensitive data that they need to be productive.
Ensures role‐based access to information and services to all members of the campus
community.
Information Technology Summary Report and Recommendations 2013
8
Enhances the university’s ability to deliver mobile applications to the university community.
Provides reliable access to university “cloud” infrastructure, platform and applications services
provided from the new downtown data center, and public “cloud” services that will allow the
university to take advantage of new applications and services in a timely manner.
Ensures that central campus and local college or department network needs are met through
cooperative service agreements between central and local service providers.
Theme8:EstablishBalancebetweenStrongITSecurityandIncreasedAccesstoInformationandServices
Who are the stakeholders and what do they need to do?
The university community expects that sensitive data and IT resources will be protected, that
confidentiality will be maintained, and that access will only be granted to those individuals who require
access to perform the responsibilities of their positions. Conversely, as mentioned in Theme 6, the
concern mentioned most often during interviews with campus leaders was that data are not readily
available in a form that helps them make important decisions. This is becoming more challenging in an
increasingly risky technical global environment. A balance between security and access is required.
Risks
Governance The university has not formalized processes for complying with policies outlined in the security policy. Current processes are inconsistent across the organization and there is no established mechanism for reporting and monitoring compliance. Asset and Data Inventory The university does not maintain a current inventory of data and assets. Documentation is inconsistent
and siloed throughout the organization. Failure to identify, authorize, and assign ownership of critical
assets decreases the ability to efficiently and effectively secure data and respond to information security
breaches.
Vulnerability Management Network vulnerability management has been informal and accountability for failure to comply with
policy has not been enforced.
Network The network is vulnerable to common attacks aimed at disrupting the availability of the network (Denial of Service). The current network architecture is not adequately segmented to enforce basic network security precautions. Documentation of the network infrastructure is inconsistent and incomplete. User Access Management The university lacks consistent and documented user management processes. In addition, the university
has not formally defined role based access for key organizational application and there is no process for
Information Technology Summary Report and Recommendations 2013
9
reviewing access on a periodic basis. This lack of standardization creates an environment where
requesting and granting access to resources and data is time consuming and cumbersome and logical
access to university IT resources is not terminated in a timely fashion after an individual’s official
capacity with the university has ended.
Logging Various logging utilities have been implemented to provide administrator with actionable alerts as well
as capabilities to dynamically respond to specific attacks. However, a significant number of servers and
network devices are not currently configured to send log files to a central repository and the storage of
log data is primarily to support forensic work after a breach has been identified.
Regulatory Compliance
The issues identified above significantly impact the university’s ability to comply with various regulatory
requirements related to information security (PCI, HIPAA, FERPA, FISMA, etc.), creating a significant
financial and reputation risk to the university.
Recommendation Summary
Enhance and implement the campus IT security strategic plan, policies, processes, and services
to protect critical IT resources and sensitive information.
Ensure that personal and sensitive patient, student, faculty, and staff information is secure.
Implement measures to comply with the university’s Information Security Policy 4‐004.
Ensure compliance with all privacy and information security laws and regulations.
Provide appropriate and secure access to those who require access to data and information to
make informed decisions and perform the responsibilities of their work.
Key Benefits to Campus
Maintains confidentiality of personal, sensitive data.
Reduces risks associated with data loss or information system downtime.
Complies with the campus Institutional Data Management and Information Security policy
which states:
o The value of institutional data is increased through its widespread and appropriate use;
its value is diminished through misuse, misinterpretation, or unnecessary restrictions to
its access.
o Data users will be granted secure access to view or query all institutional data based on
the “need to know” in order for the individual or campus organization to perform all
legitimate administrative, health care, research, academic and other official
responsibilities pertaining to the mission of the university, examples of which include
but are not limited to planning, decision making, official reporting, etc.
Empowers decision making at all levels of leadership at the university.
Information Technology Summary Report and Recommendations 2013
10
Theme9:ImproveCampusITCommunicationandCollaborationServices
Who are the stakeholders and what do they need to do?
Communicating and collaborating through voice, video, and data are fundamental to the individuals and
organizations accomplishing the work of the university.
Recommendation Summary
Establish a vision for unified communication and collaboration services.
Identify the desired services to achieve the vision.
Create a plan for adopting new technologies (including the necessary funding strategy) that
improves our ability to communicate and collaborate in a cost‐effective way.
Key Benefits to Campus
Fosters existing and future collaborations in research, teaching/learning, and administrative
functions, on campus and off campus.
Provides resources to analyze and improve communication and collaboration processes.
ConclusionThese themes represent the best thinking of UIT leadership and are consistent with the feedback received through interviews with campus leaders. With IT governance established, efforts related to the themes are prioritized based on the strategic, operational, or technical direction of the governance committees. This represents a significant change in the way IT resources have been allocated and how projects were prioritized. This change requires the commitment and collaboration of campus leaders to responsibly govern the investment of IT resources to accomplish the university’s mission, vision, strategies, and initiatives. All themes are closely related to one another. Implementation of the IT governance structure and the successful implementation of the new IT funding model are necessary to accomplish the recommendations presented in this report. Existing university monies funds the recommendations. This includes redirecting limited resources to higher‐priority needs. Under the auspices of the IT governance structure, the university may decide to seek new funding for IT services that benefit the entire campus.
AcknowledgementsUIT wishes to acknowledge the contributions and consultative direction of Elizabeth Aebersold, Director
of the Office of Communication and Strategy Management at the University of Texas at Austin. We also
express gratitude for Ms. Aebersold’s willingness to liberally share her experience and documentation
from establishing IT governance at UT Austin. This document mirrors and sometimes, where
appropriate, quotes her work.
Information Technology Summary Report and Recommendations 2013
11
AppendixA‐Background The reason for a new IT governance model can best be established through a brief review of the history
of IT governance on the University of Utah campus since roughly 2000.
Many IT services and systems did not develop as centrally provided or managed campus services. With
changes from the mainframe computing era through the personal computing era, IT services were
developed, implemented, and maintained in a distributed manner. Each college and department
developed IT solutions based on their particular needs and requirements. For example, in 2000, virtually
every department on campus was running its own email system. Today, a number of academic
departments operate their own networks and computing systems, and own and manage the physical
infrastructure associated with those networks and systems.
Attempts to coordinate distributed IT efforts began with the establishment of a Chief Information
Officer and two oversight committees, the Information Technology e‐ Commerce committee (ITeC) and
the Information Technology Council (ITC).
CentralCoordinationandLocalControlThe CIO reported to the Senior Academic Vice President with the primary responsibility to facilitate IT
development applying the principles of “Central Coordination and Local Control.” The CIO served as a
consensus builder across campus IT organizations.
ITeC was originally organized to investigate and develop technologies to facilitate on‐line transactions.
At the same time, a committee known as the Information Technology Council (ITC) was organized as a
way to coordinate efforts between “centralized” IT organizations and college and departmental IT
managers. These two committees were duplicative in many aspects. The membership of the groups
overlapped to a large extent. The meeting agendas for the two groups mirrored each other. Both
committees met monthly, which resulted in considerable duplication of effort.
The Senior Academic Vice President and the Council of Academic Deans were approached in 2002 with a
proposal to eliminate one of these committees. Because there was a strong desire to maintain academic
oversight, ITeC was disbanded and reconstituted as a part of the Information Technology Council (ITC).
The membership of the ITC consisted of representatives from each college, and key leaders from across
campus, representing each of the vice presidents and their functional areas of responsibility.
Meeting bi‐monthly for over 10 years, the ITC functioned as a coordinating and oversight body for
campus‐wide IT initiatives. ITC reviewed and approved IT policies and an annually‐updated project
oriented IT plan. ITC approved the expenditure of student computing fees that, over the years, have
been administered by the central IT organization under the direction of the CIO. The ITC reviewed plans
and budgets to implement major campus network and IT systems infrastructure projects.
The ITC also reviewed proposals presented by colleges and administrative departments for the
implementation of software systems, if (a) the system required access to or integration with institutional
data resources; (b) the system potentially exposed sensitive and critical information; (c) the
Information Technology Summary Report and Recommendations 2013
12
implementation of the system required the use of central IT personnel; (d) the system could possibly
duplicate existing IT systems; or (e) the system presented an opportunity for a solution that would
benefit the campus community beyond the proposing department.
WhatiftheITCsaid“NO”During the ITC meeting held in June 2011, the Human Resources department presented a proposal for
an employee recruiting system called PeopleAdmin. A few months earlier, Hospital Human Resources
had presented a different recruiting system that they selected for hospital employee recruiting.
Members of the ITC questioned why the campus was implementing two different recruiting systems. A
lively and somewhat heated discussion ensued, ultimately resulting in a motion to support the
implementation of the PeopleAdmin system. The vote was very close, a result which was historically
unusual. The system implementation was approved by a narrow margin, but the question was raised:
What if the ITC had voted against approval of the recruiting system?
After considerable discussion, campus IT leadership and many ITC members recognized that the ITC vote
was ambiguously authoritative and non‐binding. There was nothing in official university policy that
required a campus department to abide by the decisions of ITC.
This event highlighted the need for a governance process that could offer strategic direction and make
decisions that had a real and binding impact on campus IT investments.
OtherCommitteesThe ITC promulgated sub‐committees for various purposes. A committee was organized that consisted
of “data stewards,” the individuals who were charged with the ownership and management of
institutional data. This committee evolved to include other leaders and became the Information
Technology Executive Committee (ITEC). The ITEC met monthly and, among other duties, reviewed,
influenced, and approved ITC agenda items.
Several other sub‐committees developed over time, usually with a limited or specific technology and/or
operational focus. Topics included subject areas like wireless networks, video streaming infrastructure,
IPv6 implementation, etc. At one point the number of identified committees that dealt with IT in some
way exceeded 26. Some of these committees operated under the direction of ITC, others were ad hoc
and formed around a specific IT issue or problem.
WhyChangetheGovernanceModel?As the more than 26 committees were analyzed, it became clear that virtually all had little or no decision
authority. Most could be classified as advisory or informational committees. While the committees had
provided valuable input to the operation of campus IT, a lack of clear decision authority and the absence
of a clear campus IT strategy limited the effectiveness of these committees in driving the campus
agenda for IT investments.
CampusFeedbackRegardingITGovernanceInterviews were conducted with academic and administrative leaders throughout campus in an attempt
to capture concerns regarding campus IT governance and to identify substantive themes for early
Information Technology Summary Report and Recommendations 2013
13
governance committee meetings. The comments below came from interviewees and are not necessarily
the opinions of UIT. In some cases the comments expressed are based on impressions that interviewees
have regarding current IT governance processes.
Whatwaswrongwiththepreviousportfoliomanagementstructure?Whatneededtobefixed?
Campus strategic plans need to be broadly understood and policies need to “stick.” With the
intent of providing flexibility for campus organizations, exceptions to policy and plans were
granted without regard for the unintended consequences to the entire campus. Exceptions had
become the rule.
The previous portfolio approach was perceived as successful for those who had the closest
control of the agenda. Several interviewees expressed a perception that the portfolio agendas
were controlled by functional units e.g. Human Resources, Financial and Business Services,
Student Affairs.
Well‐funded organizations could preempt rules and priorities in ways that were or were not in
the best interest of the campus community as a whole.
Midlevel directors and managers appeared to have veto power over projects that had vice
presidential sponsorship.
Information Technology Summary Report and Recommendations 2013
14
AppendixB‐Interviewees
Cathy Anderson Associate Vice President, Budget and Planning David Blackburn Martha Bradley
IT Director, David Eccles School of Business Dean, Undergraduate Studies
Frank Brown Dean, College of Mines and Earth Sciences Richard Brown Dean, College of Engineering Thomas Cheatham Associate Professor, College of Medicinal Chemistry and
Pharmacy Hiram Chodosh Annie Nebeker‐Christensen
Dean, S. J. Quinney College of Law Dean of Students
Dean Church Kari Ellingson
Director, Financial Solutions Associate Vice President, Student Development and Research
Robert Fujinami Academic Senate President; Professor, Department of Pathology, School of Medicine
Cynthia Furse Associate Vice President, Research Administration; Professor, Department of Electrical and Computer Engineering, College of Engineering
Sarah George Bruce Gillars
Director, Utah Museum of Natural History Director, Space Planning
James Graves Dean, College of Health Michael Hardman Interim Senior Vice President, Academic Affairs Chris Hill Athletics Director Chris Ireland Dean, College of Pharmacy Maureen Keefe Jeffrey Kentor
Dean, College of Nursing Associate Dean, College of Social and Behavioral Science
Vivian Lee Senior Vice President, Health Sciences, Professor, Clinical Radiology
Nancy Lombardo Librarian, Spencer S. Eccles Health Sciences Library Joyce Mitchell Associate Vice President for Health Science IT; Professor,
Biomedical Informatics Jannah Mather Tom Millbank
Dean, College of Social Work Associate Director, Space Planning Knowledge Management
John Morris Vice President, General Council Tony Murillo Computing and Technology Operations, Huntsman Cancer
Institute Robert Newman Dean, College of Humanities James Parker Director, Procurement Mary Parker Associate Vice President, Enrollment Management Thomas Parks Vice President, Research Administration Michael Perez Associate Vice President, Facilities Management Jason Perry Vice President, Government Relations Taylor Randall Dean, David Eccles School of Business Barbara Remsburg Director, Student Services, Housing and Residential Education Patricia Ross Chief Strategy Officer David Rudd Dean, College of Social and Behavioral Science
Information Technology Summary Report and Recommendations 2013
15
Wayne Samuelson Vice Dean of Education, School of Medicine Marty Shaub Managing Director, Environmental Health and Safety Brenda Scheer Dean, College of Architecture + Planning Jean Shipman Director, Spencer S. Eccles Health Sciences Library Laura Snow Special Assistant to the President Barbara Snyder Vice President, Student Affairs Pierre Sokolsky Dean, College of Science Sylvia Torti Dean, Honors College Raymond Tymas‐Jones Dean, College of Fine Arts Randy Van Dyke Assistant Vice President, Internal Audit Chuck Wight Dean, Graduate School Amy Wildermuth Associate Vice President, Academic Affairs Gordon Wilson Assistant Vice President, Auxiliary Services Bill Warren Chief Marketing and Communications Officer Jeff West Associate Vice President, Financial and Business Services Joanne Yaffe Associate Professor, College of Social Work
Information Technology Summary Report and Recommendations 2013
16
AppendixC‐CommitteeCharters
StrategicITCommitteeThe Strategic IT Committee meets on a regular basis as needed to approve the enterprise IT plan and
overall IT funding model, set key IT priorities for campus, endorse IT principles and policies, resolve
enterprise‐wide strategic IT issues, and establish accountability for enacting decisions. The Board
consists of executive‐level positions from the President’s Cabinet and hospital and serves as the
definitive decision‐making body for IT on campus. The Chair of the OITC will serve as an ex‐officio
member of the Strategic IT Committee. Chair: David Pershing.
FacultyITCouncilThe Faculty Information Technology Council is elected by the Academic Senate. It is advisory to the
Strategic IT Committee (SITC). Chair: to be announced.
OperationalITCommitteeThe Operational Information Technology Committee (OITC) works closely with the Strategic IT
Committee and with the portfolios. The OITC responsibilities include translating strategic direction from
the Strategic IT Committee to the appropriate portfolio; coordinating cross‐portfolio priorities; propose
resource allocations across portfolios; and requesting additional resources when necessary from the
Strategic IT Committee.
The Operational IT Committee will be the Data Management Policy (Policy 4‐001) governing body as well
as the University Information Security Policy (Policy 4‐004) governing body. The OITC will ensure that the
Data Management Policy is meeting the needs of the data stewards and data users. The OITC will also
make decisions related to the treatment of risk concerning university technology and data. Chair:
Michael Hardman.
UniversityResearchPortfolioThe University Research Portfolio focuses on advanced information technology to support research
across campus. This portfolio has primary responsibility to establish priorities, identify initiatives, and
allocate seed money to innovative technology projects that support the advanced information
technology needs of research at the university. Chair: Tom Cheatham.
UniversitySupportServicesPortfolioThe University Support Services Portfolio identifies and prioritizes technology‐enabled solutions for
shared business needs and ensures effective use of information technology resources across all support
services organizations of the university. The University Support Services Portfolio has primary
governance over all custom‐developed, application‐packaged administrative software, and unified
communications applications. The committee consists of the leaders of university support services
organizations. Chair: Michael Kay.
Information Technology Summary Report and Recommendations 2013
17
TeachingandLearningPortfolioThe University Teaching and Learning Portfolio focuses on technology to support teaching and learning
across campus. This portfolio has primary responsibility for the learning management system, classroom
technology, teaching and collaboration tools, and other teaching and learning technology tools. This
portfolio will prioritize projects, identify initiatives, and allocate seed money to innovative technology
projects that support teaching and learning at the university. Co‐Chairs: Martha Bradley and Wayne
Samuelson.
UniversityITInfrastructurePortfolioThe Information Technology (IT) Infrastructure Portfolio oversees data, video, and voice networks; data
storage; administrative computing infrastructure; and security investments. This portfolio identifies and
prioritizes IT infrastructure requirements for the University of Utah and ensures appropriate IT
infrastructure exists to support the mission of the University. The portfolio will also review the funding
structure for IT infrastructure services. Chair: Cynthia Furse.
PatientCarePortfolioThe Patient Care Portfolio will be defined by Sr. Vice President of Health Sciences Dr. Vivian Lee. Patient
Care Portfolio agendas and membership will be available once the portfolio is formalized and begins
meeting.
Top Related